opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-05-17 15:18:43 +08:00
Code Issues Packages Projects Releases Wiki Activity

Remove concept of Namespaces from BoltDB

Browse Source 
This has been broken since we added Volumes - so, Podman v0.12.1
(so, around 5 years). I have no evidence anyone is using it in
the wild. It doesn't really function as expected. And it's a lot
of extraneous code and tests for the database.

Rip it out entirely, we can re-add once BoltDB is gone if there
is a requirement to do so.

Signed-off-by: Matt Heon <mheon@redhat.com>
This commit is contained in:
Matt Heon
2023-02-20 13:40:42 -05:00
parent 1b968c6074
commit 5c2a0670fc
3 changed files with 6 additions and 1405 deletions
Download Patch File Download Diff File Expand all files Collapse all files

209
libpod/boltdb_state.go
View File

@ -21,8 +21,6 @@ type BoltState struct {
valid bool
dbPath string
dbLock sync.Mutex
namespace string
namespaceBytes []byte
runtime *Runtime
}
@ -32,9 +30,6 @@ type BoltState struct {
// Used to ensure container and pod IDs are globally unique.
// - nameRegistryBkt: Maps Name to ID for containers and pods.
// Used to ensure container and pod names are globally unique.
// - nsRegistryBkt: Maps ID to namespace for all containers and pods.
// Used during lookup operations to determine if a given ID is in the same
// namespace as the state.
// - ctrBkt: Contains a sub-bucket for each container in the state.
// Each sub-bucket has config and state keys holding the container's JSON
// encoded configuration and state (respectively), an optional netNS key
@ -77,8 +72,6 @@ func NewBoltState(path string, runtime *Runtime) (State, error) {
state := new(BoltState)
state.dbPath = path
state.runtime = runtime
state.namespace = ""
state.namespaceBytes = nil
logrus.Debugf("Initializing boltdb state at %s", path)
@ -97,7 +90,6 @@ func NewBoltState(path string, runtime *Runtime) (State, error) {
createBuckets := [][]byte{
idRegistryBkt,
nameRegistryBkt,
nsRegistryBkt,
ctrBkt,
allCtrsBkt,
podBkt,
@ -496,20 +488,6 @@ func (s *BoltState) ValidateDBConfig(runtime *Runtime) error {
return nil
}
// SetNamespace sets the namespace that will be used for container and pod
// retrieval
func (s *BoltState) SetNamespace(ns string) error {
s.namespace = ns
if ns != "" {
s.namespaceBytes = []byte(ns)
} else {
s.namespaceBytes = nil
}
return nil
}
// GetContainerName returns the name associated with a given ID.
// Returns ErrNoSuchCtr if the ID does not exist.
// TODO TODO TODO: Rewrite this to only retrieve containers.
@ -543,18 +521,6 @@ func (s *BoltState) GetContainerName(id string) (string, error) {
return define.ErrNoSuchCtr
}
if s.namespaceBytes != nil {
nsBkt, err := getNSBucket(tx)
if err != nil {
return err
}
idNs := nsBkt.Get(idBytes)
if !bytes.Equal(idNs, s.namespaceBytes) {
return define.ErrNoSuchCtr
}
}
name = string(nameBytes)
return nil
})
@ -598,18 +564,6 @@ func (s *BoltState) GetPodName(id string) (string, error) {
return define.ErrNoSuchPod
}
if s.namespaceBytes != nil {
nsBkt, err := getNSBucket(tx)
if err != nil {
return err
}
idNs := nsBkt.Get(idBytes)
if !bytes.Equal(idNs, s.namespaceBytes) {
return define.ErrNoSuchPod
}
}
name = string(nameBytes)
return nil
})
@ -686,19 +640,7 @@ func (s *BoltState) LookupContainerID(idOrName string) (string, error) {
return err
}
nsBucket, err := getNSBucket(tx)
if err != nil {
return err
}
fullID, err := s.lookupContainerID(idOrName, ctrBucket, namesBucket, nsBucket)
// Check if it is in our namespace
if s.namespaceBytes != nil {
ns := nsBucket.Get(fullID)
if !bytes.Equal(ns, s.namespaceBytes) {
return fmt.Errorf("no container found with name or ID %s: %w", idOrName, define.ErrNoSuchCtr)
}
}
fullID, err := s.lookupContainerID(idOrName, ctrBucket, namesBucket)
id = fullID
return err
})
@ -743,12 +685,7 @@ func (s *BoltState) LookupContainer(idOrName string) (*Container, error) {
return err
}
nsBucket, err := getNSBucket(tx)
if err != nil {
return err
}
id, err := s.lookupContainerID(idOrName, ctrBucket, namesBucket, nsBucket)
id, err := s.lookupContainerID(idOrName, ctrBucket, namesBucket)
if err != nil {
return err
}
@ -790,14 +727,7 @@ func (s *BoltState) HasContainer(id string) (bool, error) {
ctrDB := ctrBucket.Bucket(ctrID)
if ctrDB != nil {
if s.namespaceBytes != nil {
nsBytes := ctrDB.Get(namespaceKey)
if bytes.Equal(nsBytes, s.namespaceBytes) {
exists = true
}
} else {
exists = true
}
exists = true
}
return nil
@ -861,10 +791,6 @@ func (s *BoltState) UpdateContainer(ctr *Container) error {
return define.ErrCtrRemoved
}
if s.namespace != "" && s.namespace != ctr.config.Namespace {
return fmt.Errorf("container %s is in namespace %q, does not match our namespace %q: %w", ctr.ID(), ctr.config.Namespace, s.namespace, define.ErrNSMismatch)
}
ctrID := []byte(ctr.ID())
db, err := s.getDBCon()
@ -892,10 +818,6 @@ func (s *BoltState) SaveContainer(ctr *Container) error {
return define.ErrCtrRemoved
}
if s.namespace != "" && s.namespace != ctr.config.Namespace {
return fmt.Errorf("container %s is in namespace %q, does not match our namespace %q: %w", ctr.ID(), ctr.config.Namespace, s.namespace, define.ErrNSMismatch)
}
stateJSON, err := json.Marshal(ctr.state)
if err != nil {
return fmt.Errorf("marshalling container %s state to JSON: %w", ctr.ID(), err)
@ -951,10 +873,6 @@ func (s *BoltState) ContainerInUse(ctr *Container) ([]string, error) {
return nil, define.ErrCtrRemoved
}
if s.namespace != "" && s.namespace != ctr.config.Namespace {
return nil, fmt.Errorf("container %s is in namespace %q, does not match our namespace %q: %w", ctr.ID(), ctr.config.Namespace, s.namespace, define.ErrNSMismatch)
}
depCtrs := []string{}
db, err := s.getDBCon()
@ -1039,17 +957,7 @@ func (s *BoltState) AllContainers(loadState bool) ([]*Container, error) {
ctr.state = new(ContainerState)
if err := s.getContainerFromDB(id, ctr, ctrBucket, loadState); err != nil {
// If the error is a namespace mismatch, we can
// ignore it safely.
// We just won't include the container in the
// results.
if !errors.Is(err, define.ErrNSMismatch) {
// Even if it's not an NS mismatch, it's
// not worth erroring over.
// If we do, a single bad container JSON
// could render libpod unusable.
logrus.Errorf("Retrieving container %s from the database: %v", string(id), err)
}
logrus.Errorf("Error retrieving container from database: %v", err)
} else {
ctrs = append(ctrs, ctr)
}
@ -1074,10 +982,6 @@ func (s *BoltState) GetNetworks(ctr *Container) (map[string]types.PerNetworkOpti
return nil, define.ErrCtrRemoved
}
if s.namespace != "" && s.namespace != ctr.config.Namespace {
return nil, fmt.Errorf("container %s is in namespace %q, does not match our namespace %q: %w", ctr.ID(), ctr.config.Namespace, s.namespace, define.ErrNSMismatch)
}
// if the network mode is not bridge return no networks
if !ctr.config.NetMode.IsBridge() {
return nil, nil
@ -1262,10 +1166,6 @@ func (s *BoltState) networkModify(ctr *Container, network string, opts types.Per
return fmt.Errorf("network names must not be empty: %w", define.ErrInvalidArg)
}
if s.namespace != "" && s.namespace != ctr.config.Namespace {
return fmt.Errorf("container %s is in namespace %q, does not match our namespace %q: %w", ctr.ID(), ctr.config.Namespace, s.namespace, define.ErrNSMismatch)
}
optBytes, err := json.Marshal(opts)
if err != nil {
return fmt.Errorf("marshalling network options JSON for container %s: %w", ctr.ID(), err)
@ -1327,10 +1227,6 @@ func (s *BoltState) NetworkDisconnect(ctr *Container, network string) error {
return fmt.Errorf("network names must not be empty: %w", define.ErrInvalidArg)
}
if s.namespace != "" && s.namespace != ctr.config.Namespace {
return fmt.Errorf("container %s is in namespace %q, does not match our namespace %q: %w", ctr.ID(), ctr.config.Namespace, s.namespace, define.ErrNSMismatch)
}
ctrID := []byte(ctr.ID())
db, err := s.getDBCon()
@ -2207,18 +2103,11 @@ func (s *BoltState) LookupPod(idOrName string) (*Pod, error) {
return err
}
nsBkt, err := getNSBucket(tx)
if err != nil {
return err
}
// First, check if the ID given was the actual pod ID
var id []byte
podExists := podBkt.Bucket([]byte(idOrName))
if podExists != nil {
// A full pod ID was given.
// It might not be in our namespace, but getPodFromDB()
// will handle that case.
id = []byte(idOrName)
return s.getPodFromDB(id, pod, podBkt)
}
@ -2245,14 +2134,6 @@ func (s *BoltState) LookupPod(idOrName string) (*Pod, error) {
// Search for partial ID matches.
exists := false
err = podBkt.ForEach(func(checkID, checkName []byte) error {
// If the pod isn't in our namespace, we
// can't match it
if s.namespaceBytes != nil {
ns := nsBkt.Get(checkID)
if !bytes.Equal(ns, s.namespaceBytes) {
return nil
}
}
if strings.HasPrefix(string(checkID), idOrName) {
if exists {
return fmt.Errorf("more than one result for ID or name %s: %w", idOrName, define.ErrPodExists)
@ -2311,14 +2192,7 @@ func (s *BoltState) HasPod(id string) (bool, error) {
podDB := podBkt.Bucket(podID)
if podDB != nil {
if s.namespaceBytes != nil {
podNS := podDB.Get(namespaceKey)
if bytes.Equal(s.namespaceBytes, podNS) {
exists = true
}
} else {
exists = true
}
exists = true
}
return nil
@ -2344,10 +2218,6 @@ func (s *BoltState) PodHasContainer(pod *Pod, id string) (bool, error) {
return false, define.ErrPodRemoved
}
if s.namespace != "" && s.namespace != pod.config.Namespace {
return false, fmt.Errorf("pod %s is in namespace %q but we are in namespace %q: %w", pod.ID(), pod.config.Namespace, s.namespace, define.ErrNSMismatch)
}
ctrID := []byte(id)
podID := []byte(pod.ID())
@ -2378,11 +2248,6 @@ func (s *BoltState) PodHasContainer(pod *Pod, id string) (bool, error) {
return fmt.Errorf("pod %s missing containers bucket in DB: %w", pod.ID(), define.ErrInternal)
}
// Don't bother with a namespace check on the container -
// We maintain the invariant that container namespaces must
// match the namespace of the pod they join.
// We already checked the pod namespace, so we should be fine.
ctr := podCtrs.Get(ctrID)
if ctr != nil {
exists = true
@ -2407,10 +2272,6 @@ func (s *BoltState) PodContainersByID(pod *Pod) ([]string, error) {
return nil, define.ErrPodRemoved
}
if s.namespace != "" && s.namespace != pod.config.Namespace {
return nil, fmt.Errorf("pod %s is in namespace %q but we are in namespace %q: %w", pod.ID(), pod.config.Namespace, s.namespace, define.ErrNSMismatch)
}
podID := []byte(pod.ID())
ctrs := []string{}
@ -2469,10 +2330,6 @@ func (s *BoltState) PodContainers(pod *Pod) ([]*Container, error) {
return nil, define.ErrPodRemoved
}
if s.namespace != "" && s.namespace != pod.config.Namespace {
return nil, fmt.Errorf("pod %s is in namespace %q but we are in namespace %q: %w", pod.ID(), pod.config.Namespace, s.namespace, define.ErrNSMismatch)
}
podID := []byte(pod.ID())
ctrs := []*Container{}
@ -3089,18 +2946,9 @@ func (s *BoltState) AddPod(pod *Pod) error {
return define.ErrPodRemoved
}
if s.namespace != "" && s.namespace != pod.config.Namespace {
return fmt.Errorf("pod %s is in namespace %q but we are in namespace %q: %w", pod.ID(), pod.config.Namespace, s.namespace, define.ErrNSMismatch)
}
podID := []byte(pod.ID())
podName := []byte(pod.Name())
var podNamespace []byte
if pod.config.Namespace != "" {
podNamespace = []byte(pod.config.Namespace)
}
podConfigJSON, err := json.Marshal(pod.config)
if err != nil {
return fmt.Errorf("marshalling pod %s config to JSON: %w", pod.ID(), err)
@ -3138,11 +2986,6 @@ func (s *BoltState) AddPod(pod *Pod) error {
return err
}
nsBkt, err := getNSBucket(tx)
if err != nil {
return err
}
// Check if we already have something with the given ID and name
idExist := idsBkt.Get(podID)
if idExist != nil {
@ -3181,15 +3024,6 @@ func (s *BoltState) AddPod(pod *Pod) error {
return fmt.Errorf("storing pod %s state JSON in DB: %w", pod.ID(), err)
}
if podNamespace != nil {
if err := newPod.Put(namespaceKey, podNamespace); err != nil {
return fmt.Errorf("storing pod %s namespace in DB: %w", pod.ID(), err)
}
if err := nsBkt.Put(podID, podNamespace); err != nil {
return fmt.Errorf("storing pod %s namespace in DB: %w", pod.ID(), err)
}
}
// Add us to the ID and names buckets
if err := idsBkt.Put(podID, podName); err != nil {
return fmt.Errorf("storing pod %s ID in DB: %w", pod.ID(), err)
@ -3221,10 +3055,6 @@ func (s *BoltState) RemovePod(pod *Pod) error {
return define.ErrPodRemoved
}
if s.namespace != "" && s.namespace != pod.config.Namespace {
return fmt.Errorf("pod %s is in namespace %q but we are in namespace %q: %w", pod.ID(), pod.config.Namespace, s.namespace, define.ErrNSMismatch)
}
podID := []byte(pod.ID())
podName := []byte(pod.Name())
@ -3255,11 +3085,6 @@ func (s *BoltState) RemovePod(pod *Pod) error {
return err
}
nsBkt, err := getNSBucket(tx)
if err != nil {
return err
}
// Check if the pod exists
podDB := podBkt.Bucket(podID)
if podDB == nil {
@ -3288,9 +3113,6 @@ func (s *BoltState) RemovePod(pod *Pod) error {
if err := namesBkt.Delete(podName); err != nil {
return fmt.Errorf("removing pod %s name (%s) from DB: %w", pod.ID(), pod.Name(), err)
}
if err := nsBkt.Delete(podID); err != nil {
return fmt.Errorf("removing pod %s namespace from DB: %w", pod.ID(), err)
}
if err := allPodsBkt.Delete(podID); err != nil {
return fmt.Errorf("removing pod %s ID from all pods bucket in DB: %w", pod.ID(), err)
}
@ -3317,10 +3139,6 @@ func (s *BoltState) RemovePodContainers(pod *Pod) error {
return define.ErrPodRemoved
}
if s.namespace != "" && s.namespace != pod.config.Namespace {
return fmt.Errorf("pod %s is in namespace %q but we are in namespace %q: %w", pod.ID(), pod.config.Namespace, s.namespace, define.ErrNSMismatch)
}
podID := []byte(pod.ID())
db, err := s.getDBCon()
@ -3467,15 +3285,6 @@ func (s *BoltState) RemoveContainerFromPod(pod *Pod, ctr *Container) error {
return define.ErrPodRemoved
}
if s.namespace != "" {
if s.namespace != pod.config.Namespace {
return fmt.Errorf("pod %s is in namespace %q but we are in namespace %q: %w", pod.ID(), pod.config.Namespace, s.namespace, define.ErrNSMismatch)
}
if s.namespace != ctr.config.Namespace {
return fmt.Errorf("container %s in namespace %q but we are in namespace %q: %w", ctr.ID(), ctr.config.Namespace, s.namespace, define.ErrNSMismatch)
}
}
if ctr.config.Pod == "" {
return fmt.Errorf("container %s is not part of a pod, use RemoveContainer instead: %w", ctr.ID(), define.ErrNoSuchPod)
}
@ -3506,10 +3315,6 @@ func (s *BoltState) UpdatePod(pod *Pod) error {
return define.ErrPodRemoved
}
if s.namespace != "" && s.namespace != pod.config.Namespace {
return fmt.Errorf("pod %s is in namespace %q but we are in namespace %q: %w", pod.ID(), pod.config.Namespace, s.namespace, define.ErrNSMismatch)
}
newState := new(podState)
db, err := s.getDBCon()
@ -3563,10 +3368,6 @@ func (s *BoltState) SavePod(pod *Pod) error {
return define.ErrPodRemoved
}
if s.namespace != "" && s.namespace != pod.config.Namespace {
return fmt.Errorf("pod %s is in namespace %q but we are in namespace %q: %w", pod.ID(), pod.config.Namespace, s.namespace, define.ErrNSMismatch)
}
stateJSON, err := json.Marshal(pod.state)
if err != nil {
return fmt.Errorf("marshalling pod %s state to JSON: %w", pod.ID(), err)

95
libpod/boltdb_state_internal.go
View File

@ -1,7 +1,6 @@
package libpod
import (
"bytes"
"fmt"
"os"
"path/filepath"
@ -18,7 +17,6 @@ import (
const (
idRegistryName = "id-registry"
nameRegistryName = "name-registry"
nsRegistryName = "ns-registry"
ctrName = "ctr"
allCtrsName = "all-ctrs"
podName = "pod"
@ -40,7 +38,6 @@ const (
netNSName = "netns"
containersName = "containers"
podIDName = "pod-id"
namespaceName = "namespace"
networksName = "networks"
staticDirName = "static-dir"
@ -55,7 +52,6 @@ const (
var (
idRegistryBkt = []byte(idRegistryName)
nameRegistryBkt = []byte(nameRegistryName)
nsRegistryBkt = []byte(nsRegistryName)
ctrBkt = []byte(ctrName)
allCtrsBkt = []byte(allCtrsName)
podBkt = []byte(podName)
@ -78,7 +74,6 @@ var (
netNSKey = []byte(netNSName)
containersBkt = []byte(containersName)
podIDKey = []byte(podIDName)
namespaceKey = []byte(namespaceName)
staticDirKey = []byte(staticDirName)
tmpDirKey = []byte(tmpDirName)
@ -298,14 +293,6 @@ func getNamesBucket(tx *bolt.Tx) (*bolt.Bucket, error) {
return bkt, nil
}
func getNSBucket(tx *bolt.Tx) (*bolt.Bucket, error) {
bkt := tx.Bucket(nsRegistryBkt)
if bkt == nil {
return nil, fmt.Errorf("namespace registry bucket not found in DB: %w", define.ErrDBBadConfig)
}
return bkt, nil
}
func getCtrBucket(tx *bolt.Tx) (*bolt.Bucket, error) {
bkt := tx.Bucket(ctrBkt)
if bkt == nil {
@ -400,13 +387,6 @@ func (s *BoltState) getContainerConfigFromDB(id []byte, config *ContainerConfig,
return fmt.Errorf("container %s not found in DB: %w", string(id), define.ErrNoSuchCtr)
}
if s.namespaceBytes != nil {
ctrNamespaceBytes := ctrBkt.Get(namespaceKey)
if !bytes.Equal(s.namespaceBytes, ctrNamespaceBytes) {
return fmt.Errorf("cannot retrieve container %s as it is part of namespace %q and we are in namespace %q: %w", string(id), string(ctrNamespaceBytes), s.namespace, define.ErrNSMismatch)
}
}
configBytes := ctrBkt.Get(configKey)
if configBytes == nil {
return fmt.Errorf("container %s missing config key in DB: %w", string(id), define.ErrInternal)
@ -520,13 +500,6 @@ func (s *BoltState) getPodFromDB(id []byte, pod *Pod, podBkt *bolt.Bucket) error
return fmt.Errorf("pod with ID %s not found: %w", string(id), define.ErrNoSuchPod)
}
if s.namespaceBytes != nil {
podNamespaceBytes := podDB.Get(namespaceKey)
if !bytes.Equal(s.namespaceBytes, podNamespaceBytes) {
return fmt.Errorf("cannot retrieve pod %s as it is part of namespace %q and we are in namespace %q: %w", string(id), string(podNamespaceBytes), s.namespace, define.ErrNSMismatch)
}
}
podConfigBytes := podDB.Get(configKey)
if podConfigBytes == nil {
return fmt.Errorf("pod %s is missing configuration key in DB: %w", string(id), define.ErrInternal)
@ -605,11 +578,6 @@ func (s *BoltState) getVolumeFromDB(name []byte, volume *Volume, volBkt *bolt.Bu
// Add a container to the DB
// If pod is not nil, the container is added to the pod as well
func (s *BoltState) addContainer(ctr *Container, pod *Pod) error {
if s.namespace != "" && s.namespace != ctr.config.Namespace {
return fmt.Errorf("cannot add container %s as it is in namespace %q and we are in namespace %q: %w",
ctr.ID(), s.namespace, ctr.config.Namespace, define.ErrNSMismatch)
}
// Set the original networks to nil. We can save some space by not storing it in the config
// since we store it in a different mutable bucket anyway.
configNetworks := ctr.config.Networks
@ -629,11 +597,6 @@ func (s *BoltState) addContainer(ctr *Container, pod *Pod) error {
ctrID := []byte(ctr.ID())
ctrName := []byte(ctr.Name())
var ctrNamespace []byte
if ctr.config.Namespace != "" {
ctrNamespace = []byte(ctr.config.Namespace)
}
// make sure to marshal the network options before we get the db lock
networks := make(map[string][]byte, len(configNetworks))
for net, opts := range configNetworks {
@ -670,11 +633,6 @@ func (s *BoltState) addContainer(ctr *Container, pod *Pod) error {
return err
}
nsBucket, err := getNSBucket(tx)
if err != nil {
return err
}
ctrBucket, err := getCtrBucket(tx)
if err != nil {
return err
@ -710,12 +668,6 @@ func (s *BoltState) addContainer(ctr *Container, pod *Pod) error {
if podCtrs == nil {
return fmt.Errorf("pod %s does not have a containers bucket: %w", pod.ID(), define.ErrInternal)
}
podNS := podDB.Get(namespaceKey)
if !bytes.Equal(podNS, ctrNamespace) {
return fmt.Errorf("container %s is in namespace %s and pod %s is in namespace %s: %w",
ctr.ID(), ctr.config.Namespace, pod.ID(), pod.config.Namespace, define.ErrNSMismatch)
}
}
// Check if we already have a container with the given ID and name
@ -744,11 +696,6 @@ func (s *BoltState) addContainer(ctr *Container, pod *Pod) error {
if err := namesBucket.Put(ctrName, ctrID); err != nil {
return fmt.Errorf("adding container %s name (%s) to DB: %w", ctr.ID(), ctr.Name(), err)
}
if ctrNamespace != nil {
if err := nsBucket.Put(ctrID, ctrNamespace); err != nil {
return fmt.Errorf("adding container %s namespace (%q) to DB: %w", ctr.ID(), ctr.Namespace(), err)
}
}
if err := allCtrsBucket.Put(ctrID, ctrName); err != nil {
return fmt.Errorf("adding container %s to all containers bucket in DB: %w", ctr.ID(), err)
}
@ -764,11 +711,6 @@ func (s *BoltState) addContainer(ctr *Container, pod *Pod) error {
if err := newCtrBkt.Put(stateKey, stateJSON); err != nil {
return fmt.Errorf("adding container %s state to DB: %w", ctr.ID(), err)
}
if ctrNamespace != nil {
if err := newCtrBkt.Put(namespaceKey, ctrNamespace); err != nil {
return fmt.Errorf("adding container %s namespace to DB: %w", ctr.ID(), err)
}
}
if pod != nil {
if err := newCtrBkt.Put(podIDKey, []byte(pod.ID())); err != nil {
return fmt.Errorf("adding container %s pod to DB: %w", ctr.ID(), err)
@ -814,11 +756,6 @@ func (s *BoltState) addContainer(ctr *Container, pod *Pod) error {
return fmt.Errorf("container %s depends on container %s which is in a pod - containers not in pods cannot depend on containers in pods: %w", ctr.ID(), dependsCtr, define.ErrInvalidArg)
}
depNamespace := depCtrBkt.Get(namespaceKey)
if !bytes.Equal(ctrNamespace, depNamespace) {
return fmt.Errorf("container %s in namespace %q depends on container %s in namespace %q - namespaces must match: %w", ctr.ID(), ctr.config.Namespace, dependsCtr, string(depNamespace), define.ErrNSMismatch)
}
depCtrDependsBkt := depCtrBkt.Bucket(dependenciesBkt)
if depCtrDependsBkt == nil {
return fmt.Errorf("container %s does not have a dependencies bucket: %w", dependsCtr, define.ErrInternal)
@ -880,11 +817,6 @@ func (s *BoltState) removeContainer(ctr *Container, pod *Pod, tx *bolt.Tx) error
return err
}
nsBucket, err := getNSBucket(tx)
if err != nil {
return err
}
allCtrsBucket, err := getAllCtrsBucket(tx)
if err != nil {
return err
@ -919,17 +851,6 @@ func (s *BoltState) removeContainer(ctr *Container, pod *Pod, tx *bolt.Tx) error
return fmt.Errorf("no container with ID %s found in DB: %w", ctr.ID(), define.ErrNoSuchCtr)
}
// Compare namespace
// We can't remove containers not in our namespace
if s.namespace != "" {
if s.namespace != ctr.config.Namespace {
return fmt.Errorf("container %s is in namespace %q, does not match our namespace %q: %w", ctr.ID(), ctr.config.Namespace, s.namespace, define.ErrNSMismatch)
}
if pod != nil && s.namespace != pod.config.Namespace {
return fmt.Errorf("pod %s is in namespace %q, does not match out namespace %q: %w", pod.ID(), pod.config.Namespace, s.namespace, define.ErrNSMismatch)
}
}
if podDB != nil && pod != nil {
// Check if the container is in the pod, remove it if it is
podCtrs := podDB.Bucket(containersBkt)
@ -993,9 +914,6 @@ func (s *BoltState) removeContainer(ctr *Container, pod *Pod, tx *bolt.Tx) error
if err := namesBucket.Delete(ctrName); err != nil {
return fmt.Errorf("deleting container %s name in DB: %w", ctr.ID(), err)
}
if err := nsBucket.Delete(ctrID); err != nil {
return fmt.Errorf("deleting container %s namespace in DB: %w", ctr.ID(), err)
}
if err := allCtrsBucket.Delete(ctrID); err != nil {
return fmt.Errorf("deleting container %s from all containers bucket in DB: %w", ctr.ID(), err)
}
@ -1055,14 +973,11 @@ func (s *BoltState) removeContainer(ctr *Container, pod *Pod, tx *bolt.Tx) error
// lookupContainerID retrieves a container ID from the state by full or unique
// partial ID or name.
// NOTE: the retrieved container ID namespace may not match the state namespace.
func (s *BoltState) lookupContainerID(idOrName string, ctrBucket, namesBucket, nsBucket *bolt.Bucket) ([]byte, error) {
func (s *BoltState) lookupContainerID(idOrName string, ctrBucket, namesBucket *bolt.Bucket) ([]byte, error) {
// First, check if the ID given was the actual container ID
ctrExists := ctrBucket.Bucket([]byte(idOrName))
if ctrExists != nil {
// A full container ID was given.
// It might not be in our namespace, but this will be handled
// the callers.
return []byte(idOrName), nil
}
@ -1092,14 +1007,6 @@ func (s *BoltState) lookupContainerID(idOrName string, ctrBucket, namesBucket, n
// Search for partial ID matches.
exists := false
err := ctrBucket.ForEach(func(checkID, checkName []byte) error {
// If the container isn't in our namespace, we
// can't match it
if s.namespaceBytes != nil {
ns := nsBucket.Get(checkID)
if !bytes.Equal(ns, s.namespaceBytes) {
return nil
}
}
if strings.HasPrefix(string(checkID), idOrName) {
if exists {
return fmt.Errorf("more than one result for container ID %s: %w", idOrName, define.ErrCtrExists)

1107
libpod/state_test.go
View File

File diff suppressed because it is too large Load Diff